I've asked this on the asp ng, but couldn't get any advice, wondering if
anyone here can help...
GOAL: place a .NET cookie, in a user's cookie folder, containing the
machinename of the current machine the user is on. Then various .NET apps
will be able to compare a value in our db, and see if the user is allowed to
work on that machine.
So far, in the computers' startup routine (when the computer is logged
into), each computer writes the text to the appropriately named cookie file,
in that user's cookie folder. We've gotten this far.
The problem - .NET can't read it. I believe it has to do with hidden
characters. ie, take a look at a .NET
cookie. After the second 'e' in ClientInfoCookie, there is a hidden
character. You'll notice it by spacing over, it spaces twice at that point.
Also, after 'localhost/' there's a hidden character, and before the first
'*' there's a hidden character. But the Echo command that the network
engineer is running, strips out hidden characters. Could this be why we
can't read the cookie?
Anyone have any experience doing what I'm trying to do? An easier way
perpaps. Maybe I can use a javascript cookie, and have the machine name &
currentuser placed in there. Can .NET read a JS cookie perhaps...
TY Jason Shohet
12  4581 
If you are trying to prevent users from using specific workstations, why not
use the built-in Windows policy mechanism? That's what it's designed for.
Colin
"Jason Shohet" <__******@yahoo.com> wrote in message
news:eX**************@tk2msftngp13.phx.gbl... I've asked this on the asp ng, but couldn't get any advice, wondering if
anyone here can help...
GOAL: place a .NET cookie, in a user's cookie folder, containing the
machinename of the current machine the user is on. Then various .NET apps
will be able to compare a value in our db, and see if the user is allowed
to work on that machine.
So far, in the computers' startup routine (when the computer is logged
into), each computer writes the text to the appropriately named cookie
file, in that user's cookie folder. We've gotten this far.
The problem - .NET can't read it. I believe it has to do with hidden
characters. ie, take a look at a .NET
cookie. After the second 'e' in ClientInfoCookie, there is a hidden
character. You'll notice it by spacing over, it spaces twice at that
point. Also, after 'localhost/' there's a hidden character, and before the first
'*' there's a hidden character. But the Echo command that the network
engineer is running, strips out hidden characters. Could this be why we
can't read the cookie?
Anyone have any experience doing what I'm trying to do? An easier way
perpaps. Maybe I can use a javascript cookie, and have the machine name &
currentuser placed in there. Can .NET read a JS cookie perhaps...
TY Jason Shohet
Jason,
The correct way to get cookie and set cookie is use InternetSetCookie
function and InternetSetCookie function. If there is no expiry set for
cookie , cookie will become process level and if there is cookie will
stay in users cookie folder.
You need to use interop to call those Wininet functions.
[DllImport("wininet.dll", CharSet=CharSet.Auto, SetLastError=true)]
public static extern bool InternetGetCookie(
string lpszUrlName,
string lpszCookieName,
StringBuilder lpszCookieData,
[MarshalAs(UnmanagedType.U4)]
ref int lpdwSize
);
[DllImport("wininet.dll", CharSet=CharSet.Auto, SetLastError=true)]
public static extern bool InternetSetCookie(
string lpszUrlName,
string lpszCookieName,
string lpszCookieData
);
Sample code to set a cookie ( persistant)
InternetSetCookie(url,"Nirmal","aaa;expires = Sat, 01-Jan-2000
00:00:00 ");
I am not sure if this is what you want to acheive, Post if you need
more help.
Cheers
Nirmal
"Jason Shohet" <__******@yahoo.com> wrote in message news:<eX**************@tk2msftngp13.phx.gbl>... I've asked this on the asp ng, but couldn't get any advice, wondering if
anyone here can help...
GOAL: place a .NET cookie, in a user's cookie folder, containing the
machinename of the current machine the user is on. Then various .NET apps
will be able to compare a value in our db, and see if the user is allowed to
work on that machine.
So far, in the computers' startup routine (when the computer is logged
into), each computer writes the text to the appropriately named cookie file,
in that user's cookie folder. We've gotten this far.
The problem - .NET can't read it. I believe it has to do with hidden
characters. ie, take a look at a .NET
cookie. After the second 'e' in ClientInfoCookie, there is a hidden
character. You'll notice it by spacing over, it spaces twice at that point.
Also, after 'localhost/' there's a hidden character, and before the first
'*' there's a hidden character. But the Echo command that the network
engineer is running, strips out hidden characters. Could this be why we
can't read the cookie?
Anyone have any experience doing what I'm trying to do? An easier way
perpaps. Maybe I can use a javascript cookie, and have the machine name &
currentuser placed in there. Can .NET read a JS cookie perhaps...
TY Jason Shohet
So you're talking about the startup routine when Windows loads up, it can
call Wininet functions? I've never seem what you're showing me below, but
I'm going to check if our guys can do it!!! Are you saying that
InternetSetCookie ( ) can be called during the startup routine -- its not
DOS commands (like Echo etc) from a .Bat file is it? TY very much!!!
The network engineers refuse to turn on Netbios, and I believe thats
required to go after Active Directory (we're a total AD shop, everyone's got
windows 2000 etc).
hi. I'm digesting this now. What is the 'URL' parameter? What goes in
there.
Also, if I logon to the machine as shohetj, is that what goes into the
CookieName parameter?
my thinking is it goes like this:
InternetSetCookie(url, "shohetj", "w2k-shohetj; expires = Sat, 01-Jan-2000
00:00:00");
Where shohetj is the cookiename, w2k-shohetj is my computer's machinename,
and url -- i have no idea! :)
TY for the help
Are you trying to prevent users from using any application on specific
machines, or just some specific browser-based applications from specific
machines? Maybe if you express your goal in terms of the actual goal,
instead of a solution you'll get a better solution. It seems to me that what
you should be doing is securing the individual workstations using the
existing mechanisms rather than trying to roll your own security solution.
Colin
"Jason Shohet" <__******@yahoo.com> wrote in message
news:e4**************@TK2MSFTNGP09.phx.gbl... The network engineers refuse to turn on Netbios, and I believe thats
required to go after Active Directory (we're a total AD shop, everyone's
got windows 2000 etc).
url is the url to which you need to set cookie. Cookies are generally
assigned against a domian and optionally path.
For eg, if you want to assign cookies which needs to be sent for http://www.test.com
url = "http://www.test.com"
"Jason Shohet" <__******@yahoo.com> wrote in message news:<#o**************@TK2MSFTNGP11.phx.gbl>... hi. I'm digesting this now. What is the 'URL' parameter? What goes in
there.
Also, if I logon to the machine as shohetj, is that what goes into the
CookieName parameter?
my thinking is it goes like this:
InternetSetCookie(url, "shohetj", "w2k-shohetj; expires = Sat, 01-Jan-2000
00:00:00");
Where shohetj is the cookiename, w2k-shohetj is my computer's machinename,
and url -- i have no idea! :)
TY for the help
Though i am explaining you the way to set cookies, it will be much
better if you post your actual problem here as suggested already in
this thread...
Colin, NK,
Thank you for helping me muddle thru this. YES, I am trying to prevent
users from accessing 1 particular applicationm -- a Timekeeping ASP.NET
application, on any machine -- besides their own.
ie: Joe has permission to access his Timesheet from his workstation only.
Mary from her workstation only.
Tactic 1: we keep the workstation assigned to each user in our database.
So I know Joe can log onto Machine abc. Mary on def, lets say. A cookie
containing the machinename, is written everytime someone logs on to a
machine. Lets say Joe logs onto Mary's machine. A cookie will go into
Joe's cookie directory on Mary's machine and write def. When he attempts
to access the asp.net timesheet app, the app reads from the cookie. It sees
def. The app looks in the db and sees abc assigned to Joe, and he is
refused entry into the system!
NOTE: we're not worried about someone modifying the cookie file because the
users are on the intranet, they don't have access to their hard drives etc.
Tactic 2: validate directly against ActiveDirectory (we're a w2k shop)!
Unfort, Netbios is not enabled on our network due to fears of extra network
traffic by the head network engineer. FWIK, Netbios is req'd for this to
work.
Thanks for the help again! Jason Shohet
"Colin Young" <x@nospam.com> wrote in message
news:uV**************@tk2msftngp13.phx.gbl... Are you trying to prevent users from using any application on specific
machines, or just some specific browser-based applications from specific
machines? Maybe if you express your goal in terms of the actual goal,
instead of a solution you'll get a better solution. It seems to me that
what you should be doing is securing the individual workstations using the
existing mechanisms rather than trying to roll your own security solution.
Colin
"Jason Shohet" <__******@yahoo.com> wrote in message
news:e4**************@TK2MSFTNGP09.phx.gbl... The network engineers refuse to turn on Netbios, and I believe thats
required to go after Active Directory (we're a total AD shop, everyone's
got windows 2000 etc).
i explained what i'm trying to do in response to Colin's question, above.
TY again for your help.
(BTW, I mentioned to the network engineers about Interop & Wininet, and they
never heard of it & have no idea how to access it during startup. Seems
like a bit of a rabbit hole! )
"N.K" <ni**********@hotmail.com> wrote in message
news:5b**************************@posting.google.c om... Though i am explaining you the way to set cookies, it will be much
better if you post your actual problem here as suggested already in
this thread...
If this is what you're trying to do, you don't need to mess with cookies
at all. You can use Request.UserHostAddress or Request.UserHostName to
figure out what machine the user is connecting from.
-Jason
Jason Shohet wrote: Colin, NK,
Thank you for helping me muddle thru this. YES, I am trying to prevent
users from accessing 1 particular applicationm -- a Timekeeping ASP.NET
application, on any machine -- besides their own.
ie: Joe has permission to access his Timesheet from his workstation only.
Mary from her workstation only.
Tactic 1: we keep the workstation assigned to each user in our database.
So I know Joe can log onto Machine abc. Mary on def, lets say. A cookie
containing the machinename, is written everytime someone logs on to a
machine. Lets say Joe logs onto Mary's machine. A cookie will go into
Joe's cookie directory on Mary's machine and write def. When he attempts
to access the asp.net timesheet app, the app reads from the cookie. It sees
def. The app looks in the db and sees abc assigned to Joe, and he is
refused entry into the system!
NOTE: we're not worried about someone modifying the cookie file because the
users are on the intranet, they don't have access to their hard drives etc.
Tactic 2: validate directly against ActiveDirectory (we're a w2k shop)!
Unfort, Netbios is not enabled on our network due to fears of extra network
traffic by the head network engineer. FWIK, Netbios is req'd for this to
work.
Thanks for the help again! Jason Shohet
Hi Jason,
Actually this joggled my memory about the netbios thing.
Request.UserHostAdress needs netbios, from what i know. I tried it a few
months back and it didn't work when the workstation has 'netbios disabled
over tcpip'. And our engineer downstairs feels netbios adds too much to
network traffic :(
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Patrick |
last post by:
I am trying to download the html page at
http://www.dreamteamfc.com/dtfc04/servlet/PostPlayerList?catidx=1
Using the code
public class DownloadWebPage
{ public static void main (String...
|
by: mikelostcause |
last post by:
Is there anyway to hold the base.WndProc(ref m) until after the Logout()
finishes loading a webpage??
I'm working on shutting down an app that runs in the system tray, I have no
problems...
|
by: Stef |
last post by:
Hi people,
I have a problem with cookies set via javascript. What I try to
achieve is, when a user comes on the intranet, he can click on a link (
a simple href) that will set the content to...
|
by: Mike |
last post by:
Hi,
Upon login into my application I stored user data (userid, ...) in a cookie
to be used throughout the application. One particular form is very
complicated that uses AJAX and many AJAX...
|
by: eureka |
last post by:
Hi friends,
I am developing a web application using Jsp and JS.
I have a main Jsp page(Jsp1).Inside it I have an iframe having an Html-
table which is created dynamically and contains all...
|
by: Anton Vredegoor |
last post by:
Since a few days I've been experimenting with a construct that enables
me to send the sourcecode of the web page I'm reading through a Python
script and then into a new tab in Mozilla. The new tab...
|
by: fordie1000 |
last post by:
Hi,
I have been trying to do this for a few days now ... I'd appreciate any help or insights ...
Basically I want to enter text into a web 'textarea' automatically ... here is what I
thought...
|
by: miraan |
last post by:
Hi,
I set a php cookie on one page, is it possible to retrieve the same cookie on another webpage on my site or can i just retrieve the cookie from the page that i set the cookie on?
|
by: Studlyami |
last post by:
Hey all, I'm trying to create a simple (I think it should be simple) batch file. I want this file to open Internet Explorer 6 go to the webpage SIRIUS Satellite Radio - The Best Radio On Radio and...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
| |
